Hi [[ session.user.profile.firstName ]]

Threat Detection and Hunting with MITRE ATT&CK

The MITRE ATT&CK framework is quickly becoming a focal point in the security world — and for good reason. This framework provides a consistent, industry-wide standard on which you can assess the effectiveness of your security monitoring and alerting capabilities.

In this webinar, we will zero in on using the MITRE ATT&CK framework to focus and prepare your threat detection capabilities.

Here are the 5 techniques we’ve selected, based off the tactic prevalence:

T1090 -- Connection Proxy
T1048 -- Service Execution
T1036 -- Exfiltration
T1189 -- Masquerading
T1035 -- Drive-by Compromise

We’ll explore each one of these techniques with you, highlighting how the attackers use them and how you can detect them. We will discuss which logs you need to be collecting, what audit policy needs to enabled, and what you need to look for in those logs.These 5 techniques each come from a different Tactic category in ATT&CK, and relate to different phases in an attack’s lifecycle. Mature threat detection and response requires that you have capabilities across the threat lifecycle, from initial access through command and control and into exfiltration.

Dan Kaiser and Brian Coulson from, LogRhythm, will demonstrate how to use each of these techniques with an actual SIEM. Brian and Dan are part of a large project at LogRhythm Labs in which they are aligning MITRE ATT&ACK with their SIEM platform.

When coupled with a SIEM solution, the MITRE ATT&CK framework allows you to effectively test your security monitoring environment against attack techniques to validate that your technology and rules are truly working and alert you to the right anomalous behavior.

In this webinar, you’ll learn:

1. How to incorporate ATT&CK to work in your environment
2. Building out practical, technical threat detection
3. How to use SIEM technology and logs for threat hunting
Recorded Nov 20 2019 103 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Randy Franklin Smith (UWS) with Dan Kaiser and Brian Coulson
Presentation preview: Threat Detection and Hunting with MITRE ATT&CK

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Moving Laterally to the O365 Cloud Using a Domain Trust Modification Attack Jul 22 2021 4:00 pm UTC 90 mins
    Nick Cavalancia, Dan Kaiser, Brian Coulson, and Sally Vincent
    The months following last December’s SolarWinds SUNBURST supply chain attack have brought forth plenty of intelligence around the tactics, techniques, and processes used to compromise thousands of organization’s networks. The threat actors, dubbed the APT group UNC2452, were able to not just move laterally within the victim’s on-premises environment, but also jumped from on-prem to their Microsoft 365 tenant.

    This hybrid movement can occur via a “Golden SAML” attack, that includes the manipulation of the domain federation trust settings in Azure and potentially within the on-premises AD Federated Services deployment (MITRE ATT&CK technique T1484.002 - Domain Trust Modification) by configuring the domain to accept authorization tokens signed by UNC2452’s SAML signing certificate (technique T1606.002 – Forge Web Credentials: SAML tokens).

    In this on-demand webinar, Microsoft MVP and cybersecurity expert Nick Cavalancia will first discuss:
    - The role of ADFS, domain trusts, and certificates
    - The value of moving laterally from on-prem to the cloud
    - The potential impact both for the initial and subsequent attacks

    Nick is then joined by Brian Coulson - Threat Research Principal Engineer, Sally Vincent – Threat Research Senior Engineer, and Dan Kaiser – Threat Research Senior Engineer all at LogRhythm, who provide multiple perspectives while simulating the attack and exploring the log artifacts of the attack from within the LogRhythm SIEM.

    Brian, Sally, and Dan will explore how a malicious actor could add a federated domain to a Microsoft 365 tenant and discuss how the addition of the federated domain will enable the attacker’s progression towards their objectives. They will simulate the attack and then consider the attack from the standpoint of threat hunter or detection engineer, examining the log artifacts from Azure and on-premises sources. Finally, they will demonstrate threat hunting and real time detection of this technique in the LogRhythm SIEM.
  • Data Science and Machine Learning in cybersecurity Jul 22 2021 2:00 pm UTC 31 mins
    Melissa Ruzzi, LogRhythm’s Senior Product Owner & Phillip Villella, Chief Scientist & Co-founder, LogRhythm
    With the dramatic increase in the number of cyberattacks – and their advanced complexity and sophistication – over the past year, Data Science (DS) and Machine Learning (ML) are currently hot topics in cybersecurity.

    But applying these new technologies effectively to enhance your security posture is no simple task. The type of data available for the models, the variety of models available, and the nature of the tactics and techniques used by threat actors today requires a combination of both domain and technical (DS and ML) expertise.

    In this live session, join Melissa Ruzzi, LogRhythm’s Senior Product Owner, to discover:
    • The fundamental concepts of DS and ML
    • Recent cybersecurity trends
    • A holistic approach to cyber defence
    • How DS and ML can be applied to cybersecurity and the potential challenges
  • The evolution of SIEM: An introduction into XDR Jul 22 2021 9:00 am UTC 60 mins
    Fran Howarth, Practice leader, Security, Bloor Research & Jonathan Zulberg, VP Field Engineering, LogRhythm
    The security infrastructure landscape has changed a lot in the last few years and now just having a Security Information & Event Management (SIEM) platform isn’t enough to keep most organisations safe.

    In this live webinar join Fran Howarth, Practice leader, Security, Bloor Research and Jonathan Zulberg, VP Field Engineering, LogRhythm, who will take you through the fundamentals of Extended Detection and Response (XDR) and what it can do to strengthen your cybersecurity defences including:

    • An overview of XDR and its use in your security infrastructure portfolio
    • How XDR can compliment all the other platforms you’re using
    • Why XDR makes such a good addition to your security stack

    There will also be time to put your questions to both Jonathan and Fran to learn more about the fundamentals of this emerging security technology. Register today!
  • Aligning Security Controls with Leading Cybersecurity Frameworks Jul 22 2021 7:00 am UTC 90 mins
    Nick Cavalancia and Rem Jaques
    The success of every cyberattack today rests solely on what kind of user accounts the bad guys can get their hands on. The goal is to achieve elevated levels of access, whether accomplished by obtaining and abusing existing account credentials or by leveraging vulnerabilities to bypass User Account Control.

    In the past few years, we’ve seen a massive development in cybersecurity frameworks designed to provide organizations with strategic guidance on how to best secure environments against the ever-changing face of cyberthreats. But how do you turn cybersecurity frameworks like NIST 800-171, CMMC, ISO 27001, and CIS Critical Security Controls into practical and actionable steps to improve your organization’s cybersecurity stance and protect against specific tactics, techniques, and procedures (TTP) outlined in MITRE?

    In this real-training-for-free session, Microsoft MVP and cybersecurity expert Nick Cavalancia discusses:

    - Which cybersecurity frameworks should you be paying attention to?
    - Compliance vs. Security: Why frameworks and MITRE aren’t (and never will be) aligned
    - Attempting to map framework controls and objectives with MITRE TTPs

    Rem Jaques, Senior Engineer – Compliance Research, from LogRhythm will also join Nick. Rem provides an outline of MITRE TTP T1078: Valid Accounts, covering related procedures, mitigations, and detection methods via LogRhythm SIEM with practical implementation through detections for privilege escalation and brute force authentication. Rem then displays related account management and access control objectives found in major compliance frameworks and provide insight on how these objectives overlap and intersect with MITRE.

    Watch on-demand now!
  • Dissecting the Golden SAML Attack Used by Attackers Exploiting SUNBURST Backdoor Jul 21 2021 4:00 pm UTC 95 mins
    Randy Franklin Smith, Sally Vincent, and Dan Kaiser
    In this on-demand webinar, Randy Franklin Smith briefly introduces you to federation and SAML and how it works in Office 365. Then he will discuss how attackers exploited selected installations of the SUNBURST backdoor to laterally move to the victim organization’s ADFS server and stole its private key.

    Then, joined by the very knowledgeable security researchers Sally Vincent and Dan Kaiser from LogRhythm Labs, we will show you
    •How a Golden SAML attack works
    •Possible ways to mitigate via preventive controls
    •Methods for detection via SIEM rules and threat hunting
    •What Office 365 logs do and don’t tell us about federated logins

    You will see an actual demonstration of an attack by Sally, and we’ll cover the actual event IDs you need to monitor and attempt to correlate from:
    •Domain controllers
    •ADFS servers
    •Office 365 audit log

    This is a highly technical session we think you will really enjoy and benefit from. Especially because we expect to see a lot more Golden SAML attacks this year.

    Watch on-demand now!
  • Lessons from our Zero Trust journey: Successes, failures & dodging pitfalls Jul 21 2021 9:00 am UTC 60 mins
    Andrew Hollister, Deputy CISO and VP of LogRhythm Labs
    A lot of vendors are jumping on the Zero Trust bandwagon, toting potential benefits and implementation paths; but how many have actually implemented it themselves? Stop talking hypotheticals and start talking about real experiences. Join Andrew Hollister, Deputy CISO and VP of LogRhythm Labs for this live webinar to hear his learnings, successes and failures from LogRhythm’s Zero Trust journey.
  • Detection and Response Strategies for Cloud Security Incidents Jul 21 2021 7:00 am UTC 31 mins
    Daniel Crossley, LogRhythm, Sales Engineering Manager, UK
    Join Daniel Crossley, LogRhythm, Sales Engineering Manager, UK, to discover common security incidents that happen in AWS environments and gain helpful tips for detecting and responding to them.

    In this session you will learn:
    • Common security incident types in AWS
    • The various log types in AWS
    • Helpful response strategies
  • Reducing corporate security risk with next-gen security operations Jul 12 2021 8:00 am UTC 60 mins
    Amjad Khader, Enterprise Sales Manager, LogRhythm & Elie Sfeir, Senior Business Development Manager, Dimension Data
    Today’s security operations center (SOC) teams face more challenges than ever before. The remote working environment caused by Covid-19 has presented new challenges and enhanced business and technical requirements, meaning SOCs have had to pivot their focus from traditional network perimeter defences.

    In this live webinar Amjad Khader, Enterprise Sales Manager, LogRhythm is joined by Elie Sfeir, Senior Business Development Manager, Dimension Data, to discuss how digital transformation in business is introducing many new and evolving technologies, such as cloud computing, big data, social media, and IoT. They will outline how traditional security information and event management (SIEM) and other analytical tools are no longer sufficient to monitor more complex environments. Highlighting the need for SOC teams to evolve to extend monitoring beyond on-premise into cloud services, mobile devices, and more.

    In this session you’ll hear:
    - Current cybersecurity trends and the impacts of Covid-19 on the industry
    - How digital transformation is introducing new and enhanced security risks and growing the network perimeter
    - Why traditional SIEM lacks performance compared to next-gen security solutions
  • CISO to CISO: How to Be Security First Recorded: Jun 22 2021 65 mins
    James Carder and Paul Caiazzo
    Today’s CISO faces many challenges, including building security operations center teams and retaining that talent, getting financial support from the board, and balancing where they invest that money to enhance their security posture. Another challenge that CISOs face today is how to successfully set a security-first mindset across the organization.

    LogRhythm CSO, James Carder, and Avertium CISO, Paul Caiazzo, discussed how to overcome the many challenges they face in the current cybersecurity landscape. This roundtable discussion includes hot topics like ransomware, XDR, Zero Trust, and so much more.

    James and Paul explored important topics such as:
    • Threat trends and countermeasures in the healthcare and technology sectors
    • How we are seeing customers leverage XDR, NDR, and ZTN to prevent and detect threats
    • An open conversation around ransomware and data theft

    This interactive webinar is a can’t miss for security leaders who want to be security first. Watch on-demand now!
  • [EMEA] Logging & threat detection in the cloud Recorded: Jun 22 2021 43 mins
    Dan Crossley, SE CISSP, LogRhythm
    The momentum behind the growth of cloud services is unstoppable, as businesses seek software, applications, and infrastructure that are more flexible and cost-effective. According to analysts, nearly half of all application spend is now invested in cloud services, and this cloud-first trend is only going in one direction.

    In this technical webinar LogRhythm’s Daniel Crossley outlines logging and threat detection strategies within cloud environments, including Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure and Office 365.

    The session covers:
    • Logging: An overview of cloud logging mechanisms
    • Log ingestion: Log collection from cloud environments
    • Analytics: Threat detection use cases for cloud environments

    The aim of this session is to give you a better understanding of logging and threat detection in cloud environments.
  • [APAC] Moving Laterally to O365 Cloud Using a Domain Trust Modification Attack Recorded: Jun 22 2021 90 mins
    Nick Cavalancia, Dan Kaiser, Brian Coulson, and Sally Vincent
    The months following last December’s SolarWinds SUNBURST supply chain attack have brought forth plenty of intelligence around the tactics, techniques, and processes used to compromise thousands of organization’s networks. The threat actors, dubbed the APT group UNC2452, moved laterally within the victim’s on-premises environment and jumped to their Microsoft 365 tenant.

    This hybrid movement can occur via a “Golden SAML” attack, that includes the manipulation of the domain federation trust settings in Azure and potentially within the on-premises AD Federated Services deployment (MITRE ATT&CK technique T1484.002 - Domain Trust Modification) by configuring the domain to accept authorization tokens signed by UNC2452’s SAML signing certificate (technique T1606.002 – Forge Web Credentials: SAML tokens).

    In the first part, Microsoft MVP and cybersecurity expert Nick Cavalancia discusses:
    - The role of ADFS, domain trusts, and certificates
    - The value of moving laterally from on-prem to the cloud
    - The potential impact both for the initial and subsequent attacks

    Brian Coulson - Threat Research Principal Engineer, Sally Vincent and Dan Kaiser, both Threat Research Senior Engineers all at LogRhythm, then provide multiple perspectives while simulating the attack and exploring log artifacts of the attack from within the LogRhythm SIEM.

    Brian, Sally, and Dan explore how a malicious actor could add a federated domain to a Microsoft 365 tenant and discuss how the addition of the federated domain will enable the attacker’s progression towards their objectives. They simulate the attack and consider the attack from the standpoint of threat hunter or detection engineer, examining the log artifacts from Azure and on-premises sources. Finally, they demonstrate threat hunting and real time detection of this technique in the LogRhythm SIEM.
  • Aligning Security Controls with Leading Cybersecurity Frameworks Recorded: Jun 15 2021 90 mins
    Nick Cavalancia and Rem Jaques
    The success of every cyberattack today rests solely on what kind of user accounts the bad guys can get their hands on. The goal is to achieve elevated levels of access, whether accomplished by obtaining and abusing existing account credentials or by leveraging vulnerabilities to bypass User Account Control.

    In the past few years, we’ve seen a massive development in cybersecurity frameworks designed to provide organizations with strategic guidance on how to best secure environments against the ever-changing face of cyberthreats. But how do you turn cybersecurity frameworks like NIST 800-171, CMMC, ISO 27001, and CIS Critical Security Controls into practical and actionable steps to improve your organization’s cybersecurity stance and protect against specific tactics, techniques, and procedures (TTP) outlined in MITRE?

    In this real-training-for-free session, Microsoft MVP and cybersecurity expert Nick Cavalancia discusses:

    - Which cybersecurity frameworks should you be paying attention to?
    - Compliance vs. Security: Why frameworks and MITRE aren’t (and never will be) aligned
    - Attempting to map framework controls and objectives with MITRE TTPs

    Rem Jaques, Senior Engineer – Compliance Research, from LogRhythm will also join Nick. Rem provides an outline of MITRE TTP T1078: Valid Accounts, covering related procedures, mitigations, and detection methods via LogRhythm SIEM with practical implementation through detections for privilege escalation and brute force authentication. Rem then displays related account management and access control objectives found in major compliance frameworks and provide insight on how these objectives overlap and intersect with MITRE.

    Watch on-demand now!
  • [APAC] Automate Threat Detection with LogRhythm MistNet NDR & SIEM Recorded: Jun 10 2021 58 mins
    Leonardo Hutabarat, LogRhythm APAC Sales Engineering Manager
    In this webinar, we'll showcase how to leverage machine learning-driven threat detection and customizable automation to achieve a truly unified view of your environment. Efficiently automate mitigation strategies based on real-life adversarial attacks for streamlined threat detection.

    Join us in this LIVE session to gain insights to:
    • A live demo where we quickly detect & mitigate malware and other use cases with MistNet NDR and LogRhythm SIEM
    • How LogRhythm's built-in MITRE ATT&CK Engine delivers a complete model of enterprise activity at network, host, user and process level.
    • Achieving accurate threat detection and block advanced attacks.

    Save your spot!
  • Staying agile and cyber resilient in a virtual world Recorded: May 27 2021 34 mins
    Jonathan Cummings, Director of Cyber Resilience, Direct Line Group & Kev Eley, VP of Sales Europe, LogRhythm
    Managing a successful security program can be hard. Ensuring your business remains agile and competitive whilst also being protected from adverse cyber incidents can be a balancing act. And proving value to the board can bring its own challenges.

    In this on demand Q&A Direct Line Group’s Director of Cyber Resilience, Jonathan Cummings and LogRhythm’s VP of Sales Europe, Kev Eley will delve into how Jonathan balances these requirements. The session answers questions such as:

    • How to communicate the necessity to operate a cyber resilience framework to the business?
    • What barriers need to be overcome to ensure that the framework can be implemented effectively?
    • Where to start in improving capabilities as part of the framework?
    • How does Direct Line maintain its cyber resilience in a virtual world?

    If you are struggling to get approval for your security program, this session may offer you some of the help you need.
  • [APAC] Introducing MistNet NDR by LogRhythm: Network Threat Detection Made Easy. Recorded: May 26 2021 58 mins
    Dan Crossley, Enterprise Sales Engineering Manager and John Golden, Enterprise Sales Manager, LogRhythm
    If we reflect on the cybersecurity news of 2020, it is clear that determined threat actors are using carefully planned and sophisticated attack techniques to breach the networks of target organisations. In any successful cyber intrusion, the threat actors successfully evaded the endpoint security systems, but the network communications provides us with an opportunity for detection.

    In this on-demand webinar, you will learn three key network-based techniques that threat actors will employ during a typical attack on a target environment. We discuss why these techniques are so successful and why you should consider an NDR solution to enhance your own threat hunting and detection approaches.

    Listen to Dan Crossley, Enterprise Sales Engineering Manager and John Golden, Enterprise Sales Manager, LogRhythm, to gain insight into the following attack techniques:
    - How attackers establish Command & Control (C2) communications and infrastructure
    - How Domain Generation Algorithms (DGAs) work and why they are used
    - How attackers can exfiltrate data via DNS tunnelling
  • Avoiding or Minimizing Ransomware Impact to the Bottom Line Recorded: May 24 2021 61 mins
    John Pescatore, SANS Director of Emerging Security Trends and Benjamin Wright, lawyer and SANS Senior Instructor
    In the event of a ransomware attack, security managers must be able to give business-relevant risk recommendations to CEOs and boards of directors. Most of the thought and effort required to do so must take place well before the attack.

    On this webcast, John Pescatore, SANS Director of Emerging Security Trends, and Benjamin Wright, lawyer and SANS Senior Instructor, will discuss key ransomware issues, including:
    - Key security processes to avoid ransomware attacks
    - Issues around ransomware payoffs if an attack succeeds
    - How cyber insurance can play a role in reducing the financial impact of an attack

    Register now for this on-demand webcast!
  • [EMEA] Five practical use cases to enhance threat detection and response Recorded: May 20 2021 43 mins
    Jake Anthony, Systems Engineer and Simon Hamilton, Client Manager, LogRhythm
    Without rapid and accurate threat detection, your mean time to detect and respond to damaging cyberattacks is compromised, allowing attackers time to steal your organisation’s sensitive data. From collecting security and log data to utilising machine analytics, your team can effectively reduce the time it takes to discover threats on your network.

    In this on-demand webinar Jake Anthony and Simon Hamilton from LogRhythm outline five practical use cases to enhance threat detection and response with your existing tools.

    These include:
    • Integrating endpoint detection for improved threat hunting capabilities
    • Combining logical and physical authentication to spot anomalous access
    • Automating detection and response to phishing attacks
    • Detecting possible indicators of bit-coin mining
    • Improving incident response times through audio and visual alerting
  • [APAC] Ransomware & Zero Trust: Cyber resilience for a ‘work anywhere’ world Recorded: May 20 2021 20 mins
    James Carder, CSO & VP of Labs
    Hackers compromised Solarwinds’ source code to inject a backdoor, propagating a vast infrastructure attack impacting 18,000 customers. James Carder, CSO & VP of Labs, LogRhythm, discusses honing in on methods used in the breach and preparing for when threat actors strike again – in old or new ways. He also shares top security risks, concerns, and strategies for CISOs and businesses, including what to expect with threats like ransomware.
  • Moving Laterally to the O365 Cloud Using a Domain Trust Modification Attack Recorded: May 18 2021 90 mins
    Nick Cavalancia, Dan Kaiser, Brian Coulson, and Sally Vincent
    The months following last December’s SolarWinds SUNBURST supply chain attack have brought forth plenty of intelligence around the tactics, techniques, and processes used to compromise thousands of organization’s networks. The threat actors, dubbed the APT group UNC2452, were able to not just move laterally within the victim’s on-premises environment, but also jumped from on-prem to their Microsoft 365 tenant.

    This hybrid movement can occur via a “Golden SAML” attack, that includes the manipulation of the domain federation trust settings in Azure and potentially within the on-premises AD Federated Services deployment (MITRE ATT&CK technique T1484.002 - Domain Trust Modification) by configuring the domain to accept authorization tokens signed by UNC2452’s SAML signing certificate (technique T1606.002 – Forge Web Credentials: SAML tokens).

    In this on-demand webinar, Microsoft MVP and cybersecurity expert Nick Cavalancia will first discuss:
    - The role of ADFS, domain trusts, and certificates
    - The value of moving laterally from on-prem to the cloud
    - The potential impact both for the initial and subsequent attacks

    Nick is then joined by Brian Coulson - Threat Research Principal Engineer, Sally Vincent – Threat Research Senior Engineer, and Dan Kaiser – Threat Research Senior Engineer all at LogRhythm, who provide multiple perspectives while simulating the attack and exploring the log artifacts of the attack from within the LogRhythm SIEM.

    Brian, Sally, and Dan will explore how a malicious actor could add a federated domain to a Microsoft 365 tenant and discuss how the addition of the federated domain will enable the attacker’s progression towards their objectives. They will simulate the attack and then consider the attack from the standpoint of threat hunter or detection engineer, examining the log artifacts from Azure and on-premises sources. Finally, they will demonstrate threat hunting and real time detection of this technique in the LogRhythm SIEM.
  • [APAC] Dissecting Golden SAML attack attackers used to exploit SUNBURST backdoor Recorded: May 13 2021 94 mins
    Randy Franklin Smith, Sally Vincent, and Dan Kaiser
    In this on-demand webinar, Randy Franklin Smith briefly introduces you to federation and SAML and how it works in Office 365. Then he will discuss how attackers exploited selected installations of the SUNBURST backdoor to laterally move to the victim organization’s ADFS server and stole its private key.

    Then, joined by the very knowledgeable security researchers Sally Vincent and Dan Kaiser from LogRhythm Labs, we will show you
    •How a Golden SAML attack works
    •Possible ways to mitigate via preventive controls
    •Methods for detection via SIEM rules and threat hunting
    •What Office 365 logs do and don’t tell us about federated logins

    You will see an actual demonstration of an attack by Sally, and we’ll cover the actual event IDs you need to monitor and attempt to correlate from:
    •Domain controllers
    •ADFS servers
    •Office 365 audit log

    This is a highly technical session we think you will really enjoy and benefit from. Especially because we expect to see a lot more Golden SAML attacks this year.

    Watch on-demand now!
Be Security First.
LogRhythm’s award-winning NextGen SIEM Platform makes the world safer by protecting organizations, employees, and customers from the latest cyberthreats. It does this by providing a comprehensive platform with the latest security functionality, including security analytics; network detection and response (NDR); user and entity behavior analytics (UEBA); and security orchestration, automation, and response (SOAR). Learn how LogRhythm empowers companies to be security first at logrhythm.com.

To learn more, please visit logrhythm.com.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Threat Detection and Hunting with MITRE ATT&CK
  • Live at: Nov 20 2019 6:00 pm
  • Presented by: Randy Franklin Smith (UWS) with Dan Kaiser and Brian Coulson
  • From:
Your email has been sent.
or close